How do you do, fellow kids? Grandpa Puppet gets down with Docker

When you wanna be lit af, like manual scripting

By Maxwell Cooter,
2 Jun 2017

It's strange when you're no longer the new kid on the block. First, you're the hippest of the hip, the one that everyone envies and then, suddenly, you're looking that little bit older, and generally less interesting.

That's the rather curious position that configuration management players like Puppet and Chef find themselves in. It's true they've penetrated the furthest reaches of organisations (Puppet claims that it's being used by 75 per cent of the Fortune 500 companies) and have redefined the way that software is being deployed, but they're no longer the hottest technology in town.

The world has turned towards containerization and Docker, released in 2013, is now attracting the sort of headlines that Puppet once did. The new boys are now relishing their status as the whiz kids, almost looking down on the older tech. As Jay Lyman, principal analyst at 451 Research, puts it: "We've seen companies like Shippable talking about Puppet in the same way that Puppet used to talk about manual scripting."

Founded in 2005 – ancient history in tech terms – Puppet hasn't been idle, judging by this month's pair of releases.

Behind them is an attempt by Puppet to try and reinforce its enterprise product, boost support for cloud and find ways to support – yes – Docker.

It has introduced Puppet Cloud Discovery and Lumogon for sysadmins to get a better handle on applications running in the cloud and within containers. According to Puppet, Lumogon and Puppet Cloud Discovery crack open "the black box of container and cloud workloads", enabling companies to have a much better idea of what they're running.

Gartner reckons fewer than 20 per cent of IT organisations have automation in their IT management portfolios. The Holy Grail of full automation is contingent on sysadmins knowing exactly what applications are running in the enterprise, analysing them and taking appropriate action. There's a limited selection of tools available to do this currently.

Nick Smyth, vice president for engineering at Puppet, said the company has been approached by customers looking for guidance. "The questions that we've been getting are: What am I running and how can I get them under my control? The problem has got worse as we move to microservices and as we move from on-premises to cloud. And while it's so easy to spin up cloud infrastructure, operators are struggling to discover what they're running in the cloud."

Lumogon is designed to let sysadmins know what's running inside a container while providing a record of all changes made throughout the container lifecycle. It also makes it easier for IT teams to have a complete view across the entire infrastructure.

Smyth says the company had to respond to increased demand for containerization. "It's accelerating how it gets into production – it's emerging as a standard way to manage a packaged application."

But, he says, what it's lacking is the same high degree of management. "An IT operator wants to run that same level of control on containers as he has with virtual machines."

He points out how companies are now accelerating changes without taking a wider view. "We're getting these containers to push into production before we fully know what we have: in the old days, we knew what we had before we pushed it. That's not the case now."

And although the push to containerization has made systems more efficient and made better use of resources, there's a gap when it comes to fully recognising what's on the network, particularly in terms of spotting vulnerabilities. The idea is that Lumogon finds any vulnerabilities and takes them off a live system – it's the sort of management tool that enterprises need to make containers work more effectively.

Quocirca's Clive Longbottom reckoned Lumogon provides the necessary linkages between Docker – which has become a fundamental piece of architecture for many – and Puppet. "There are fewer admin consoles needed, and therefore fewer errors that can occur between systems," he said.

There are, of course, other containerization models out there. Initially, Puppet is offering Lumogon only on Docker implementations although, Smyth says, the company will look at other container systems if there's a demand for them.

Longbottom agrees there is a need to look beyond Docker, such as LXD and LXC. "An agnostic approach will be needed as different approaches to containerisation come through," he said.

What comes next? A good step would be a move further up into the business, according to some – letting those in management enter economic rules that help define the priority and operations of orchestration with full feedback loops would also enable a raft of "what if" capabilities.

Lyman says Puppet is the right path as there's a requirement to focus on wider enterprise needs, but it's heading into competition with PaaS providers such as Red Hat Open Shift, particularly after Red Hat's purchase of Ansible – a Puppet competitor in the configuration management field. Meanwhile, gaps persist in the Puppet portfolio.

Puppet is going down a path that takes it away from its roots in DevOps. Lyman says that the future is fundamentally about "digital transformation" that "is about so much more than just DevOps".

By focusing on containers, Puppet is trying to convince customers it can help change the way that software is managed and – in so doing – regain some of its old swagger. ®